WITNESS Tech Digest: Transparency Reports on Government Interference

Content disappears from the Internet…a lot. And the type of content we care about at WITNESS — citizen- and activist-shot media that has news or justice value — is no different, so we are thinking a lot about how to protect meaningful content before it gets lost. Accounts can get deleted, uploaders can get scared or threatened, content can be flagged as offensive or violent, and accidents happen; but occasionally there is another cause — government interference.

One valuable set of resources for learning more about this issue, at least when it comes to the government interference part, are the transparency reports that Internet-based companies are increasingly producing. These reports are their way of informing their users around the world about the demands that governments are making on the companies to hand over users’ data and take down their content. The last month saw a spate of news items about new transparency reports, companies fighting to divulge even more information, and more to come this year.

— Reddit, the popular online forum, published it’s first ever transparency report. The site is built exclusively on user-submitted content, so it is an important step for the company to disclose just how governments are reacting to what its users are sharing. It turns out, the scale of requests that reddit deals with is far lower than other platforms — it’s dealing with dozens of requests rather than hundreds or thousands — in part because the site collects and retains relatively small amounts of data about its users. The report comes with a refreshingly quick turnaround; instead of the six- to twelve-month delay that we sometimes see, this report details all of the requests they received in 2014.

— Twitter’s latest report was released in February and also details the requests received in 2014, though it has a larger scale than reddit’s. The company saw a serious uptick in the amount of requests they received, with almost 3,000 requests for user data coming in the second half of the year. As for content removal, Twitter received almost 800 demands to take down tweets, with over 3,200 accounts specified in those orders; the company complied at least in part with only 13 percent of those requests, taking down almost 2000 tweets in total. The list of government requests is dominated by just a few culprits — the United States is by far the leader, but Russia, Turkey, and the UK really ramped up their requests for data and removal last year, as well. Overall, the Twitter report is the clearest, most navigable one on the web, with easy-to-understand charts, maps, and breakdowns, plus a few examples. The only problem — there’s no easy way to download the data and develop your own analysis and graphics.

— Since the Snowden revelations damaged user trust in the platforms they use regularly, companies and governments have been in a back-and-forth fight about how much users should be allowed to know about surveillance and censorship online. Twitter has been at the forefront of this movement for more disclosure to users in recent years, and they are pushing for more flexibility in what they are able to share with users. In the US, one big issue is the gag orders placed on recipients of National Security Letters, a mechanism through which the FBI can demand customer data from ISPs, banks, telecoms, and online platforms, with those companies being barred from notifying users of the requests. Twitter is at the head of a lawsuit aimed at forcing the Justice Department to allow more disclosure about those National Security Letters, and in February the company got a lot of backing from other major tech companies, who filed briefs to the court in support of Twitter’s push for more freedom to communicate with users.

— As it stands, companies are not allowed to say anything when they receive one of those National Security Letters. However, there is a tentative workaround — ‘tentative’ because the legality of the maneuver is not entirely clear. It’s call a ‘warrant canary’, and it works very simply. Companies who have never received an NSL simply state that fact on their sites, and if that assertion ever disappears, users and advocates will know that the company has been forced to secretly hand over data to the FBI. It’s a clumsy mechanism that doesn’t offer much clarity, but it’s the best tool that is available under the current rules. In February, a new site launched by the Electronic Frontier Foundation, the Berkman Center at Harvard, NYU Law, and Calyx started presenting those canaries in one place. Canarywatch “tracks and documents” the statements, updating whenever new companies adopt a canary or a company takes theirs down, indicating that they’ve had to hand over data.

There’s more to look forward to as spring approaches. First, WITNESS is doing some research about content takedowns, the causes and impact, and what can be done, which we’ll hope to share in the coming months. These transparency reports are one source from which we are drawing information, in combination with stories from users, discussions with platform providers, and examples of content that has gone missing. In addition, Google’s twice-yearly report, which has the most data points by far, is due for an update soon.

P.S. If you’re headed to SXSW this year, look out for my panel and my colleague Sam Gregory’s mentoring sessions on Saturday March 14th. Details here.